Commit graph

15 commits

Author SHA1 Message Date
Nicolas Graves
613e913836
home: services: ssh: Fix compilation warning with 'serialize-match-criteria'.
* gnu/home/services/ssh.scm (serialize-match-criteria): New procedure.
(serialize-openssh-host): Use it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2023-08-20 22:59:09 +02:00
Efraim Flashner
87cf2a859d
home: services: ssh: Allow unset boolean options in ssh-config.
From man 5 ssh_config:
Unless noted otherwise, for each parameter, the first obtained value
will be used.

We want to allow falling through to the first explicitly chosen user
defined value.

* gnu/home/services.ssh.scm (define-maybe boolean): New configuration.
(openssh-host)[forward-x11?, forward-x11-trusted?, forward-agent?,
compression?]: Replace default value with maybe-boolean.
* doc/guix.texi (Secure Shell): Update documentation to match the
changes in the code.
2023-06-14 21:51:44 +03:00
Nicolas Graves
9504dd2c3e
home: services: ssh: Export home-ssh-agent variables.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2023-06-09 23:28:45 +02:00
Nicolas Graves
b97f158456
home: services: ssh: Export configuration predicates.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2023-06-09 23:28:37 +02:00
Nicolas Graves
95853e61a7
home: services: ssh: Add 'match-criteria' option.
* gnu/home/services/ssh.scm (serialize-address-family): Raise
'&formatted-message' instead of '&error'.
(ssh-match-keywords): New variable.
(match-criteria?): New procedure.
(match-criteria): New maybe type.
(openssh-host)[name]: Turn into 'maybe-string'.
[match-criteria]: New field.
(serialize-openssh-host): Adjust accordingly.
* doc/guix.texi (Secure Shell): Document it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2023-06-09 23:28:18 +02:00
Nicolas Graves
f19e1b4f96
home: services: ssh: Add 'add-keys-to-agent' field.
* gnu/home/services/ssh.scm (<home-openssh-configuration>)[add-keys-to-agent]:
New field.
(serialize-add-keys-to-agent): New procedure.
(openssh-configuration->string): Use it.
* doc/guix.texi (Secure Shell): Document it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2023-06-09 23:27:52 +02:00
Janneke Nieuwenhuizen
c57693846c
home: services: ssh: Do not empty ~/.ssh/authorized_keys by default.
The default was an empty list which would remove any ~/.ssh/authorized_keys
file and replace it with a symlink to an empty file.  On some systems, notably
Ubuntu 22.10, the guix home generated ~/.ssh/authorized_keys file does not
allow login.

* doc/guix.texi (Secure Shell): Update, describe default #false value.
* gnu/home/services/ssh.scm (<home-openssh-configuration>)
[authorized-keys]: Change default to #f.
(openssh-configuration-files): Cater for default #f value: Do not register
"authorized_keys".
2023-05-24 11:56:12 +02:00
Saku Laesvuori
9043e23196
home: services: openssh: Add configuration option for jump proxies
Add a new 'proxy' field to openssh-host to allow ProxyCommand or
ProxyJump, but not both, to be configured. Configuring both would cause
the serialization order to determine which one is used. Deprecate the
'proxy-command' field because the 'proxy' field replaces it.

* gnu/home/services/ssh.scm (proxy-jump->string,
proxy-command-or-jump-list?, serialize-proxy-command-or-jump-list,
sanitize-proxy-command): New procedure.
(proxy-jump, proxy-command): New record type.
(openssh-host)[proxy-command]: Mark field as deprecated because OpenSSH
can't have ProxyCommand and ProxyJump configured at the same time.
* doc/guix.texi (Secure Shell): Update to match the changes to the
service.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2023-04-21 17:09:50 +02:00
Jan (janneke) Nieuwenhuizen
2714c9ef2d
home: services: ssh-agent: Handle setting of SSH_AUTH_SOCK.
* gnu/home/services/ssh.scm (home-ssh-agent-environment-variables): New
procedure.
(home-ssh-agent-service-type): Use it as ahome-environment-service type
extension.
* doc/guix.texi (Secure Shell): Remove advice about, and examples of setting
SSH_AUTH_SOCK.
2023-03-17 12:44:33 +01:00
Ludovic Courtès
8f219e658d
home: services: kodi, znc, ssh-agent: Use 'match-record'.
* gnu/home/services/media.scm (home-kodi-services): Use 'match-record'
instead of 'match'.
* gnu/home/services/messaging.scm (home-znc-services): Likewise.
* gnu/home/services/ssh.scm (home-ssh-agent-services): Likewise.
2023-03-16 23:03:17 +01:00
Ludovic Courtès
be7e2bf7eb
home: services: ssh-agent: Remove host-side use of (shepherd support).
This is a followup to 2c2f382e75, which
inadvertently pulled in (shepherd support) on the host side.

* gnu/home/services/ssh.scm (<home-ssh-agent-configuration>)[socket-directory]:
Change value to a gexp.
(home-ssh-agent-services): Change 'socket-file' and 'command' to a
gexp.  Add 'modules' field to 'shepherd-service'.
* doc/guix.texi (Secure Shell): Adjust accordingly.
2023-03-16 17:09:46 +01:00
Jan (janneke) Nieuwenhuizen
2c2f382e75
gnu: home: services: Add home-ssh-agent-service-type.
* gnu/home/services/ssh.scm: (<home-ssh-agent-configuration>): New type.
(home-ssh-agent-services): New procedure.
(home-ssh-agent-service-type): New variable.
* doc/guix.texi (Secure Shell): Document it.
2023-03-16 14:26:34 +01:00
Attila Lendvai
ee08277a70
services: Use the new maybe/unset API.
* gnu/home/services/ssh.scm (serialize-address-family): Use the public API of
the maybe infrastructure.
* gnu/services/file-sharing.scm (serialize-maybe-string): Use maybe-value.
(serialize-maybe-file-object): Use maybe-value-set?.
* gnu/services/getmail.scm (getmail-retriever-configuration): Don't use
internals in unset field declarations.
(getmail-destination-configuration): Ditto.
* gnu/services/messaging.scm (raw-content?): Use maybe-value-set?.
(prosody-configuration): Use %unset-value.
* gnu/services/telephony.scm (jami-shepherd-services): Use maybe-value-set?.
(archive-name->username): Use maybe-value-set?.
* tests/services/configuration.scm ("maybe type, no default"): Use
%unset-value.

Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2022-08-25 00:10:32 -04:00
Maxim Cournoyer
d9a0ccf13f
home: ssh: Fix invalid value error for address-family.
Fixes <https://issues.guix.gnu.org/57110>, a regression introduced with
a2b89a3319.

* gnu/home/services/ssh.scm (address-family?): Replace *unspecified* with 'unset.
(serialize-address-family): Adjust accordingly.
(openssh-host): Adjust doc.

Reported-by: Oleg Pykhalov <go.wigust@gmail.com>
2022-08-10 09:10:45 -04:00
Ludovic Courtès
7f208f68de
home: Add OpenSSH service.
* gnu/home/services/ssh.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* po/guix/POTFILES.in: Add it.
* doc/guix.texi (Secure Shell): New section.
2022-06-17 23:39:32 +02:00